Marketers Get Advice on State Legislation
Her remarks came yesterday during a panel session on state legislative issues called "A Closer Look at the Ethical/Legal Landscape: How Today's Marketers Are Coping With the Numerous State/Local Privacy/Consumer Protection Issues." It took place at the DM Days New York Conference & Expo at the Javits Center.
In terms of state-level legislation Kachura also said, "What happens in California rarely stays in California."
Panelist Emily Hackett, executive director of the Internet Alliance, a DMA subsidiary, said data security breaches are the No. 1 Internet-related issue in terms of state legislation. She said 112 bills have been introduced in 37 states. Of those, 16 states passed bills, 19 have bills pending and two states had bills that failed.
Hackett cited the California data breach notification law that prompted data broker ChoicePoint to reveal breaches this year as very influential, as most state laws follow California's lead. It also was California legislation, along with laws in 35 other states, that led to the federal CAN-SPAM law, she said, adding that federal spyware legislation based on a California law was likely to follow.
Tony Hadley, vice president of government affairs at Experian, also mentioned what he termed the "ChoicePoint incident," saying that it covers the ChoicePoint breach itself as well as breaches involving LexisNexis, DSW and others that came to light this year.
Regarding these occurrences, Hadley said DMers can and should say something and it should be, "We're for data security," to try to draw attention to true security issues and away from legislation that would restrict marketers. One such restriction would be the regulation of the use of public records, he said.
"Public records are a cornerstone of market segmentation," Hadley said, urging marketers not to allow that access to be denied.
Reframing the debate to show consumers how data benefit them is one way to try to avoid overly strict legislation in this area, he said.
Hadley said 24 states are considering 66 proposals relating to data breach notification; 25 states are considering 48 credit report freeze proposals; and 37 states are considering 147 bills that would restrict the use of Social Security numbers.
Hadley said the industry should support breach notification in cases where significant harm may arise. Of the 57 breaches reported in California since its notification law took effect, he said, only one resulted in identity theft, and it was the ChoicePoint breach.
"We don't want under-notification or over-notification," he said.
The final panelist was Noreen Kaminski, vice president of government affairs at DialAmerica Marketing. She said 34 states have registration requirements for telemarketers and 12 have disclosure requirements. She also said that 41 states have no-call registries, with 31 of those sharing data with the national list.
"Over 250 telemarketing bills were introduced in the states this year," Kaminski said. She cited California, New Jersey, Indiana, Wisconsin, New York, Florida and Pennsylvania as high-profile states for activity and enforcement of telemarketing laws.
Some particularly restrictive state bills have been introduced, Kaminski said, such as the need for signed, written contracts prior to telemarketing to consumers and restriction of political, nonprofit and business-to-business telemarketing. Other issues include calling curfews, restriction of free trial offers and automatic renewals and removal of certain calling exemptions.
To keep up with all the state and federal legislation, she recommended that companies devote at least one person to compliance, get legal counsel, set up compliance manuals, respond to complaints from attorneys general and others immediately and lobby.
Kristen Bremner covers list news, insert media, privacy and fundraising for DM News and DMNews.com. To keep up with the latest developments in these areas, subscribe to our daily and weekly e-mail newsletters by visiting www.dmnews.com/newsletters